author | Lennart Poettering <lennart@poettering.net> | 2018-11-26 16:06:26 +0100 |
---|---|---|
committer | Lennart Poettering <lennart@poettering.net> | 2018-12-01 12:50:45 +0100 |
commit | 595225af7a4f663788d26b8720e994fed71f9410 (patch) | |
tree | ca656b1aaa5655b0697472e7165272db02bc8a22 /src/fsck/fsck.c | |
parent | 909106ebdf9a128627cd5974d4d388c71d694464 (diff) | |
download | systemd-595225af7a4f663788d26b8720e994fed71f9410.tar.gz |
tree-wide: invoke rlimit_nofile_safe() before various exec{v,ve,l}() invocations

Whenever we invoke external, foreign code from code that has
RLIMIT_NOFILE's soft limit bumped to high values, revert it to 1024
first. This is a safety precaution for compatibility with programs using
select() which cannot operate with fds > 1024.

This commit adds the call to rlimit_nofile_safe() to all invocations of
exec{v,ve,l}() and friends that either are in code that we know runs
with RLIMIT_NOFILE bumped up (which is PID 1 and all journal code for
starters) or that is part of shared code that might end up there.

The calls are placed as early as we can in processes invoking a flavour
of execve(), but after the last time we do fd manipulations, so that we
can still take benefit of the high fd limits for that.

Diffstat (limited to 'src/fsck/fsck.c')
-rw-r--r-- | src/fsck/fsck.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/src/fsck/fsck.c b/src/fsck/fsck.c index 995cf92ef1..7fc4a283ce 100644 --- a/src/fsck/fsck.c +++ b/src/fsck/fsck.c @@ -27,6 +27,7 @@ #include "path-util.h" #include "proc-cmdline.h" #include "process-util.h" +#include "rlimit-util.h" #include "signal-util.h" #include "socket-util.h" #include "special.h" @@ -401,6 +402,8 @@ static int run(int argc, char *argv[]) { cmdline[i++] = device; cmdline[i++] = NULL; + (void) rlimit_nofile_safe(); + execv(cmdline[0], (char**) cmdline); _exit(FSCK_OPERATIONAL_ERROR); } |
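
Review bot: In the run() hunk, the result of rlimit_nofile_safe() is cast to (void) immediately before execv(), so if lowering the soft limit fails, the child still executes fsck with the raised RLIMIT_NOFILE and nothing records that the precaution did not take effect. Consider capturing the return value and logging a failure (debug or warning level) before the execv() call. A one-line comment at the call site saying the limit is reset for the benefit of select()-based programs would also help, since that reason currently appears only in the commit message.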